Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sWOLkaL2Tew2SzX71bMnNFuFPG8.roa
File: sWOLkaL2Tew2SzX71bMnNFuFPG8.roa (raw, json)
Hash identifier: tx1UhNxMa0AOCd19nQWZ8a3UnGfCw+fQkinYHlJlvXs=
Subject key identifier: B1:63:8B:91:A2:F6:4D:EC:36:4B:35:FB:D5:B3:27:34:5B:85:3C:6F
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189DFAEBF674D1BFF0D286B9192A9B22C1B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sWOLkaL2Tew2SzX71bMnNFuFPG8.roa
Signing time: Thu 10 Aug 2023 13:41:58 +0000
ROA not before: Thu 10 Aug 2023 13:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.185.24.0/22 maxlen: 24
109.72.116.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 11 Aug 2023 07:53:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:ae:bf:67:4d:1b:ff:0d:28:6b:91:92:a9:b2:2c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 10 13:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1638b91a2f64dec364b35fbd5b327345b853c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d5:63:a8:fb:8b:b6:0e:bd:9b:a3:7c:1c:11:
da:92:a1:f8:f7:97:58:de:de:49:97:d1:9c:29:13:
8e:c3:48:30:c9:2b:18:08:07:9d:8d:43:65:2c:7b:
6f:0f:21:1e:a6:d5:e9:1c:d7:86:44:75:13:6a:36:
52:e1:9d:9d:af:b8:86:aa:ac:78:2b:df:ec:8a:a1:
e8:c9:03:56:66:ef:b9:3f:b2:9a:a3:fe:cd:11:63:
22:33:03:6d:97:77:e5:0c:ee:32:1a:97:51:35:65:
14:5f:3d:a2:cf:a2:a7:95:89:57:41:79:83:48:28:
ce:a3:12:3d:09:1d:a4:7f:4d:f0:5a:73:a8:91:74:
e6:de:60:83:98:26:52:d7:8a:90:9c:bb:f3:0c:ab:
ee:fd:59:e3:63:e8:9e:cc:5a:94:cb:9d:85:8e:f7:
7c:02:91:ec:64:d9:94:f7:1a:8c:e5:d7:07:67:78:
b8:aa:b4:6a:1b:7f:7b:b2:95:1f:99:2e:46:8e:65:
b1:72:5e:d5:32:c8:61:37:96:1e:38:6a:a8:fe:01:
fd:55:86:55:5b:3e:4a:6e:ba:2d:01:dd:78:12:2f:
f8:d2:22:1f:57:e4:e4:0c:0c:ad:b3:e6:6f:a8:cc:
3a:8e:a5:4d:f2:bb:9d:bd:68:0b:e4:a7:73:81:12:
bc:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:63:8B:91:A2:F6:4D:EC:36:4B:35:FB:D5:B3:27:34:5B:85:3C:6F
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sWOLkaL2Tew2SzX71bMnNFuFPG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
89.185.24.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
62:d1:5b:c1:07:76:b3:ee:a1:ad:7f:43:b8:2d:7c:a0:b1:5a:
c6:64:82:39:85:cc:57:77:d4:37:80:bf:9e:38:ab:fd:37:a5:
14:5a:39:88:77:02:81:d5:fd:e3:d7:cd:e6:03:25:eb:0f:4c:
aa:ff:b4:cf:82:7b:07:e2:4b:88:7b:fa:93:28:1a:d8:8b:0e:
7b:76:e2:9a:fe:4c:4e:a0:e8:33:8e:81:b8:7e:70:c0:98:f7:
0d:47:41:dc:cf:54:ae:a8:c0:88:6d:8a:99:a7:df:fe:af:ec:
fd:02:12:8a:2e:d4:1c:02:17:2c:19:47:56:f1:0f:80:88:df:
c6:8e:2c:09:f8:27:c0:2a:46:e1:81:cc:8f:9f:cc:75:2c:4d:
42:7e:15:3b:e9:3b:b6:14:90:bd:07:4e:33:a5:16:2a:79:0f:
01:d5:40:1e:a7:81:cb:e4:19:26:39:8e:2d:c3:fb:ca:c6:ae:
70:3e:25:72:5d:88:03:cd:0c:82:1f:68:55:77:6a:68:af:f0:
2c:08:7c:56:c4:5a:fc:15:99:d6:30:d5:3c:02:af:87:89:fc:
9e:78:06:2b:7a:4d:66:13:f3:13:37:cc:a1:4f:03:6c:5d:c4:
2e:1f:55:4e:ad:04:9a:d7:fc:bc:86:98:49:85:b2:d2:e2:7b:
40:dd:68:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnfrr9nTRv/DShrkZKpsiwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODEwMTM0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTYzOGI5MWEyZjY0ZGVjMzY0YjM1ZmJkNWIzMjczNDViODUzYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdVjqPuLtg69m6N8HBHakqH495dY
3t5Jl9GcKROOw0gwySsYCAedjUNlLHtvDyEeptXpHNeGRHUTajZS4Z2dr7iGqqx4
K9/siqHoyQNWZu+5P7Kao/7NEWMiMwNtl3flDO4yGpdRNWUUXz2iz6KnlYlXQXmD
SCjOoxI9CR2kf03wWnOokXTm3mCDmCZS14qQnLvzDKvu/VnjY+iezFqUy52Fjvd8
ApHsZNmU9xqM5dcHZ3i4qrRqG397spUfmS5GjmWxcl7VMshhN5YeOGqo/gH9VYZV
Wz5KbrotAd14Ei/40iIfV+TkDAyts+ZvqMw6jqVN8rudvWgL5KdzgRK8DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLFji5Gi9k3sNks1+9WzJzRbhTxvMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc1dPTGthTDJUZXcyU3pYNzFiTW5ORnVGUEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWbkAAwQC
WbkYAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBi0VvBB3az7qGtf0O4LXygsVrG
ZII5hcxXd9Q3gL+eOKv9N6UUWjmIdwKB1f3j183mAyXrD0yq/7TPgnsH4kuIe/qT
KBrYiw57duKa/kxOoOgzjoG4fnDAmPcNR0Hcz1SuqMCIbYqZp9/+r+z9AhKKLtQc
AhcsGUdW8Q+AiN/GjiwJ+CfAKkbhgcyPn8x1LE1CfhU76Tu2FJC9B04zpRYqeQ8B
1UAep4HL5BkmOY4tw/vKxq5wPiVyXYgDzQyCH2hVd2por/AsCHxWxFr8FZnWMNU8
Aq+HifyeeAYrek1mE/MTN8yhTwNsXcQuH1VOrQSa1/y8hphJhbLS4ntA3WgM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org